A tool to get the deployed ACI contracts from the Fabric and present it in a human readable format.
Cisco ACI has a sort of complex contract system. Providers (destination) and consumers (sources) and subjects and filters and also entries. Nothing is at one place, everything is nested, not convenient to oversee it. It is not that strait forward to see "who connects to who with what contract and what ports are allowed" on a single place. This project helps in that by visualising the contracts like an ACL.
The main purpose of the app is to visualise ACI contracts in "human readable" format in a widely used :) excel format.
Pre-requisites:
- Access to the fabric APIC
Clone and install requirements.
git clone https://github.com/routingalchemy/ACI_KYC.git
cd ACI_KYC
pip install -r requirements.txt
The files in the directory are:
acikyc_app.py- main appcontracts_template.xlsx- template for the excel outputdata_model.json- a representation how the contract data is stored
- Define an instance and provide the login credentials
- Login to the fabric and get a token
- Retrieve single or all fabric contract details
- Generate contract details to file
contracts = aci_kyc("sandboxapicdc.cisco.com", "admin", "!v3G@!4@Y")
contracts.apic_token()
list = contracts.all_contracts() << for all contract details
list = contracts.all_contracts(tenant="commom", contract="default") << for a single contract
contracts.contract2excel(list)
- More/various details form the contracts/subjects/filters/entries
- Get a single contract output
- Get a tenant's all contract
- Graphviz diagram for graphical output
- Service graph indication
- EPG based contract representation
- EPG/Subject lables
- Preferred group membership
- L3Out Ext-EPG network details
- Master EPG membership
- Intra-EPG contracts
- Requires at least Python 3.10 match case statement support
- The project files are formatted with Black
- Code has been tested on ACI 6.x only with EPG,vzAny,L3Out objects